
Re: using FWMarks behind a nat firewall problem

To: "LinuxVirtualServer.org " "users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: using FWMarks behind a nat firewall problem
From: Chip Upsal <cupsal@xxxxxxxxxxxxx>
Date: 12 May 2003 07:53:47 -0600
I am sorry, but it is hard for me to explain. I seem to be having trouble
with the firewall marks when I have two websites on the LVS system that
are already using NAT from my iptables firewall that protects my LAN and
DMZ.

The LVS computers are using the Ultra Monkey package for RH 7.3.

All will work well when Site1 has an external NAT from the firewall and
Site2 is only available from the inside (only has an internal address
w/o NAT). However, when I turn on NAT on the external firewall for Site2,
the sites get mixed up... I can get images, files from Site1 when I try to
pull up Site2. I suspect the problem is that LVS is having problems
figuring out the right FWMark when the address is being NATed by another
firewall upstream? Or the problem is with Apache keeping track of
what IP address (what virtual host) it is to address.

Chip


On Mon, 2003-05-12 at 07:01, Joseph Mack wrote:
> Chip Upsal wrote:
> > 
> > I have my loadbalancers behind an iptables firewall doing NAT
> > 
> > I am using firewall marks to route packets to the websites.
> > 
> 
> > When the second site went live both sites started fouling up. Some of the
> > image templates for website A would show up on website B and vice versa.
> > Is too much NATting going on? Do the FWMarks not handle NATted packets
> > from another firewall well?
> 
> I'm sorry, I don't understand your explanation. Can you give me
> more information?
> 
> Joe
> 
